Your data is handled on Microsoft’s enterprise cloud infrastructure. Client datasets are stored in Microsoft 365 and protected with encryption in transit and at rest, consistent with Microsoft’s security standards.

We process only what’s needed to deliver the service. Client datasets use pseudonymized IDs and exclude direct identifiers within the client dataset (such as donor names, emails, and phone numbers), full street addresses, payment information, and special-category/sensitive data used to identify individuals.

We restrict access to authorized personnel and users using safeguards such as multi-factor authentication, role-based access controls, and audit logging. Dashboards can also use row-level security to limit what each viewer can see.

Insights are delivered through secure Power BI dashboards. Predictive outputs are advisory and support your team’s decision-making—they are not used for automated decisions with legal or similarly significant effects.

Our privacy program is designed to apply globally and align with GDPR and major US privacy laws. Where requirements differ, we apply the most protective obligations for the relevant jurisdiction and support appropriate mechanisms for cross-border data transfers.

We keep client data only as long as necessary to provide services. Client data is deleted after services end, including associated backups, in line with our retention and deletion policy.

You can contact our privacy team with questions or requests at privacy@donorsight.ai.

Depending on where you live, you may have rights such as access, correction, and deletion, and we handle requests within applicable legal timeframes.